ISO standards represent the consensus of expert opinion, providing critical insights into how controls for data protection and cyber security can be operationalised in business. Despite being frequently overlooked by lawyers, they are often baked into legislation (e.g., NIS 2018 and DORA 2022), supporting regulatory guidance (e.g., for the GDPR) and in case law dealing with matters related to technical duties. Trends identified by DWF suggest that ISO standards will play an increasingly important role in determining regulatory enforcement results and outcomes in court. Therefore, it is vital that our clients understand them.
The insights provided by our senior team of data protection and cyber security experts shed light on a number of complex ISO standards, including for risk assessments; design of management systems; privacy by design; protection against re-identification attacks; supply chain risk management; and incident management and response.
This snapshot of international standards gave our attendees a vision of the future of data protection and cyber security law. By encouraging our clients to consider ISO standards, we hope to equip them with the foresight to navigate the ever-changing landscape of the law.
Our next session will take place in London on 25 July and will discuss the impact of recent CJEU decisions on data protection.
If you are interested in attending this and future events at the forefront of data protection and cyber security discourse, please register your interest with one of our team, or send us an email at dpcs@dwf.law.
